Repository navigation

#

etw-bypass

thomasxm / BOAZ_beta 

Multilayered AV/EDR Evasion Framework

boazcode-injectionobfuscationav-bypassav-edr-bypassav-evasionedr-bypassetw-bypasspayload-generatorpe-packerprocess-injectionred-teamingred-teaming-toolsred-reamantivirus-evasion
C++
617
2 天前
BlackSnufkin / NyxInvoke 

NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support

amsi-bypassetw-bypassoffensive-securityred-teamRust
Rust
206
2 个月前
EvilBytecode / Lifetime-Amsi-EtwPatch 

Two in one, patch lifetime powershell console, no more etw and amsi!

amsi-bypassamsi-evasionamsi-patchetwetw-bypasspentestingred-teamingfud
Go
88
10 个月前
wabzsy / gonut 

Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.

amsi-bypassdonutetw-bypassGoShellpe2shcpe2shellcode
Go
53
2 年前
Chainski / PandaLoader 

A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.

bypass-antivirusedr-bypassetw-bypassevasionMalwareobfuscationpe-loaderPowerShellShellshellcode-loaderpersistencecrypterpayload-generatorredteam
C++
44
6 天前
0xflux / ETW-Bypass-Rust 

Event Tracing for Windows EDR bypass in Rust (usermode)

edredr-bypassedr-evasionethical-hackingethical-hacking-toolsetwetw-bypassHackingMalwaremalware-researchpentestpentest-toolpentestingred-teamredteamredteam-toolsredteamingRust
Rust
19
10 个月前
EvilBytecode / ETW-Patch 

code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).

av-evasionetwetw-bypassevasionfud
Go
8
10 个月前
Chainski / Lifetime-Amsi-EtwPatch 

Loads a C# binary in memory within powershell profile, patching AMSI + ETW.

amsi-bypassamsi-evasionamsi-patchetwetw-bypassfudNimpentesting-toolsPowerShellred-teamingoffensive-security
Nim
4
10 个月前
Arcueld / ETW 

Remove ETW providers from session &ETW session hijack

bypassetwetw-bypass
C++
0
1 个月前